4ae5ca461cfa4a9e7417bba1e9588f3dd7583d9a1355cc41388a7640492ba2d8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8e6140d38822e9a0d71395be0785f390N.exe
Size

204KB
Sample

240901-shdxjstgqr
MD5

8e6140d38822e9a0d71395be0785f390
SHA1

0a6cff3a4efa6187b03c31adc112330a99fab965
SHA256

4ae5ca461cfa4a9e7417bba1e9588f3dd7583d9a1355cc41388a7640492ba2d8
SHA512

5c54fe64d237e595a35d6669e8fb9e389b7ab403d0491687c7bea6e5125906fe07302681e044069fe70aa6be33ba0382241cdc5da5f6ea6e7b1d60ff80432040
SSDEEP

3072:X5u7yT4TVbkuRaX1w71jnRkCoyJTarYWbV+HOFxg+z1WxJsqWkoyjOowUVl/TlAQ:XLexkuRaX41xoyJV65gzyZko+uc

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  8e6140d38822e9a0d71395be0785f390N.exe
- Size
  
  204KB
- MD5
  
  8e6140d38822e9a0d71395be0785f390
- SHA1
  
  0a6cff3a4efa6187b03c31adc112330a99fab965
- SHA256
  
  4ae5ca461cfa4a9e7417bba1e9588f3dd7583d9a1355cc41388a7640492ba2d8
- SHA512
  
  5c54fe64d237e595a35d6669e8fb9e389b7ab403d0491687c7bea6e5125906fe07302681e044069fe70aa6be33ba0382241cdc5da5f6ea6e7b1d60ff80432040
- SSDEEP
  
  3072:X5u7yT4TVbkuRaX1w71jnRkCoyJTarYWbV+HOFxg+z1WxJsqWkoyjOowUVl/TlAQ:XLexkuRaX41xoyJV65gzyZko+uc
Score

10^/10

discovery persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence